One of the goals of modern computing is to provide people with ubiquitous computing environments. In these computing environments it is necessary to allow devices to become spontaneously associated and interoperable with other devices.
An association can be said to have been made between two (or more) devices when each device possesses data (e.g. another device's network address) that allows the devices to communicate with each other. An association is considered to be secure if a secret encryption key has been established and is known only to the associated devices.
Due to the ad-hoc nature of such spontaneous associations the connections formed between devices will generally take place over wireless communication links. However, in some situations wired connections, or combinations of wired and wireless connections will also be used to make spontaneous associations between devices.
The creation of spontaneous associations between devices raises security concerns for users of the devices. In the first instance there is the need for suitable key-exchange protocols to establish secure associations between devices. However even once a key-exchange protocol has been run it is difficult, if not impossible, for the user(s) of the associated devices to verify that the key-exchange protocol has run successfully and that the association is truly secure.